A practical privacy-preserving public key repository

Armanfar, Ramin (2017) A practical privacy-preserving public key repository. [Thesis]

[thumbnail of RaminArmanfar_10143970.pdf] PDF
RaminArmanfar_10143970.pdf

Download (966kB)

Abstract

Internet and mobile users have been using financial institutions' alternative channels for their financial transactions with an increasing rate. In order to avoid frauds, the financial institutions make use of second factor authentication tokens such as one-time passwords sent to mobile phones as text. Another trend of such transaction verification is utilizing fully cryptographic protocols, in which the transactions are signed by the users. In the implementation of such an approach, in order to provide end-to-end security between the financial institution and its client, each client must have a public-private key pair. In some cases, especially for small-scale institutions, such a transaction verification system is fully outsourced as a Cloud service including clients' public keys. However, even in this outsourced model, the institutions need to access their clients' public keys for end-to-end security. In such a case, in order to provide privacy of the clients against the outsourced database, we need a privacy-preserving public key repository. In this thesis, we developed such a privacy-preserving public key repository based on Path ORAM mechanism. We have developed adaptation layers for Path ORAM so that the queries are performed via regular SQL queries and the data is stored in a regular relational database, rather than Path ORAM's non-standard data structure. In this way, the non-standard features are hidden from both the financial institutions and the Cloud provider. We analyzed the performance of our system under different database sizes, network connection models and query types. We conclude that such a Path ORAM based system is feasible to be used in a practical system since even with a regular computer used as a server, the computational overhead is at marginal level.
Item Type: Thesis
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800-8360 Electronics > TK7885-7895 Computer engineering. Computer hardware
Divisions: Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng.
Faculty of Engineering and Natural Sciences
Depositing User: IC-Cataloging
Date Deposited: 25 Apr 2018 16:27
Last Modified: 26 Apr 2022 10:18
URI: https://research.sabanciuniv.edu/id/eprint/34539

Actions (login required)

View Item
View Item